IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Red Hat reveals new software supply chain security pattern

New cross-portfolio capabilities aim to help customers improve security posture and enable DevSecOps

People holding Security sign

Red Hat has announced a host of new security capabilities across its portfolio of open hybrid cloud technologies, designed to help organisations better mitigate risks and meet compliance requirements across complex IT environments.

Detailing the additions at its Red Hat Summit in Boston, the firm said the enhancements aim to minimize complexity, while also helping customers improve security posture and enable DevSecOps.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastFree download

Red Hat is introducing a software supply chain security pattern to simplify the process of implementing security features throughout the complete build, deploy and run process.

Delivered via Red Hat OpenShift, patterns will deliver complete stacks as code and will define, build and test the necessary software configurations.

Available as a preview, the software supply chain security pattern uses a Kubernetes-native, continuously integrated pipeline through OpenShift Pipelines and OpenShift GitOps for version control, which Red Hat says will help reduce complexity and save time.

Through Tekton Chains, the pattern will also incorporate Sigstore, an open-source project aimed at making cryptographic signing of code more accessible.

Additionally, in Red Hat Ansible Automation Platform 2.2, Red Hat is introducing a technical preview of Ansible content signing technology which will enable automation teams to validate that the automation content being executed in their enterprise is verified and trusted.

Elsewhere, Red Hat Advanced Cluster Security for Kubernetes brings additional capabilities to help protect container workloads running on edge devices. These include automated DevSecOps in the CI/CD pipeline, threat detection and incident response, as well as network segmentation functionality.

“The enhanced security capabilities across Red Hat’s hybrid cloud portfolio is intended to help deliver less complex operations with high levels of security no matter where an organization operates,” commented Vincent Danen, vice president, Product Security, Red Hat.

“This is Red Hat's commitment to DevSecOps - making security not something bolted on, but a seamless integral part of moving applications from development to production to assist IT teams, both technically and organically.”

Red Hat also unveiled its new Enterprise Linux 9 platform, which utilizes integrity management architecture (IMA), as well as security features such as enhanced security around root privileges, support for the latest cryptographic frameworks with the integration of OpenSSL 3, and bolstered security best practices.

Red Hat said its software supply chain security pattern will be available in the coming months, while RHEL 9 will land in the coming weeks. Red Hat Advanced Cluster Security for Kubernetes is available now.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Schneider Electric unveils Grid Operations Platform as a Service on Microsoft Azure
cloud computing

Schneider Electric unveils Grid Operations Platform as a Service on Microsoft Azure

24 May 2022
T-Mobile unveils new 5G Advanced Network Solutions
Network & Internet

T-Mobile unveils new 5G Advanced Network Solutions

24 May 2022
Google unveils new Assured Open Source Software service
open source

Google unveils new Assured Open Source Software service

18 May 2022
Malwarebytes hires new channel chief to lead MSP and partner network
Managed service provider (MSP)

Malwarebytes hires new channel chief to lead MSP and partner network

18 May 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022